Welcome » IT Booklets » Supervision of Technology Service Providers (TSP) » Supervisory Programs » Shared Application Software Review Program
The Agencies established the Shared Application Software Review (SASR) program to effectively employ interagency resources in uniform reviews of software packages or systems. Shared application software packages include stand-alone software and integrated (turnkey system) packages. Generally, these are purchased software that involves mission-critical, core, or high-risk applications widely used at financial institutions.
The SASR program is not limited, however, to the review of shared application packages. The Agencies also use SASRs to support interagency safety and soundness initiatives when focusing on higher-risk applications in larger financial institutions. A SASR can evaluate financial institutions' software packages for use in wire transfer, capital markets, derivatives development/record keeping, securities transfer, asset management, Bank Secrecy Act and anti-money laundering, consumer compliance, or other lines of business.
An internal, confidential SASR report is developed strictly for regulatory purposes. The report is not provided to the company that developed the software application or to the user financial institutions. The information in the SASR report is intended to augment and expedite the Agencies' supervisory process by identifying potential systemic risks and presenting information, suggestions, and instructions to aid in completing the examinations of financial institutions that use the various applications and software products covered by this program.